Control of group membership in Matrix is control of key distribution. That's generally how group secure messaging works. The vulnerabilities didn't allow unauthorized group messengers to "steal" keys; it added unauthorized members to groups, which causes authorized group members to negotiate key relationships with them.